Kaspersky Lab and BitDefender websites hit by hackers

The websites of two major providers of security products have been hit by hackers.

The website of Russian IT security provider Kaspersky Lab was hit at the weekend by a Romanian ‘white-hat’ hacker.

A group calling itself ‘the Romanian Security Team’ claimed that the hackers achieved full access to the database supporting the websites – which includes customer data – by simply altering a parameter in the URLs. They could also perform SQL injections to remotely introduce harmful code into the database.

The group also claimed to have hit the Portuguese site of US anti-virus provider BitDefender, with the personal details of thousands of users viewed. The hackers said that they alerted the two companies of the security flaw and did not expose any of the data they found.

Kaspersky Lab said in a statement: “On Saturday February 7 2009, a vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site.

“The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection. The vulnerability wasn’t critical and no data was compromised from the site.”

Gunter Ollmann, chief security strategist at IBM’s Internet Security Systems, said: “I hope that Kaspersky administrators fix this vulnerability rather quickly as they no doubt have a large customer base, and it would appear that all those customers are now exposed

“On top of that, this type of critical flaw can probably be used to usurp legitimate purchases and renewals of their products – which could include the linking to malicious and backdoored versions of their software – thereby infecting those very same customers that were seeking protection from malware in the first place.”